Udemy

Udemy suffered a data breach affecting 1.4 million accounts, with customer and instructor information including email addresses, names, addresses, phone numbers, and payment methods exposed.

Reported

May 1, 2026

Breach date

Apr 24, 2026

People affected

1.4M

Severity

critical

What was exposed

Email addressesNamesPhysical addressesPhone numbersEmployersJob titlesPayment methods

What happened

According to HIBP, online training company Udemy was targeted by the ShinyHunters group in April 2026 in a "pay or leak" extortion attempt. The attackers subsequently released the stolen data publicly.

What was exposed

The breach exposed data for 1.4 million unique email addresses belonging to Udemy customers and instructors. Exposed information included names, physical addresses, phone numbers, employer information, and instructor payout methods such as PayPal, cheque, and bank transfer details.

Who is affected

Approximately 1.4 million Udemy customers and instructors were affected by the breach.

What to do now

If you have a Udemy account, monitor your email and financial accounts for suspicious activity. Consider changing your Udemy password and reviewing any linked payment methods for unauthorized transactions. Be cautious of phishing attempts targeting affected users.

Case monitoring

Get notified about the Udemy case.

No attorney or law firm using Breached is currently investigating this case. You can submit your information as an interest expression to be notified if that changes. We never sell your details.

No attorney currently investigating

No attorney or law firm using Breached is currently investigating the Udemy breach through Breached. You can submit information as an interest expression to be notified if that changes. Your details will not be routed to a law firm unless you give fresh consent after a case team is identified.